omniauth-artsy 0.1.1 → 0.3.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 540dc690902ed7180d4f606dcf69462182ba9bc5
-  data.tar.gz: ccac36edb12b78ae0b3c23ff7e9d25d4ecaad02c
+SHA256:
+  metadata.gz: 288c57c8e47b184a09c410179705501e5c09f4d0594f7278cef990d7842c12f3
+  data.tar.gz: 0acc42b621eb30cc637da2a8a55d002c7739dbbe4ac9cd7d8d9a49b0d2290268
 SHA512:
-  metadata.gz: fcd9eb3fb3bbc98d42b4886ea6beef07826b85f41033199334555e9d7e07f283215843edb039aec9b8186a2327369c4a89299485b8103634d2d3e86318fe1a53
-  data.tar.gz: ba69be9b3ac5993bf47234ba6bd8736e0a45348fb84de68990bfa2bb1948447b427e877f04acdfea6d6337071f5f9523e73822f0902bef8f6a206723a10df9a5
+  metadata.gz: 656a8269b399888fbbd912bad9527bd694c0fa14af85e93eecd0cc5cbca6b45b1a738d21e07ccd13239946ab45aa80878318c4aa02735101c8d47bbd06e9c370
+  data.tar.gz: 759dee1cfa6c4c99e3bfc1129d7ac6cd6996756c86abf9fb5ebcb80bfcdfc04dad0aee3a1afd9933006eb61ea0c45c41c1a34726cb3e80f8c88d28431b6fae6c

data/.gitignore

@@ -1,3 +1,4 @@
 Gemfile.lock
 .bundle
-
+pkg
+.rspec_status

data/.rspec

@@ -1,3 +1,2 @@
 --color
---format documentation
-
+--order random

data/.rubocop.yml

@@ -1 +1,7 @@
 inherit_from: .rubocop_todo.yml
+
+AllCops:
+  NewCops: enable
+
+Style/ModuleFunction:
+  Enabled: false

data/.rubocop_todo.yml

@@ -1,25 +1,35 @@
-# This configuration was generated by `rubocop --auto-gen-config`
-# on 2014-08-25 15:35:38 -0400 using RuboCop version 0.25.0.
+# This configuration was generated by
+# `rubocop --auto-gen-config`
+# on 2020-09-11 17:57:36 UTC using RuboCop version 0.90.0.
 # The point is for the user to remove these configuration records
 # one by one as the offenses are removed from the code base.
 # Note that changes in the inspected code, or installation of new
 # versions of RuboCop, may require this file to be generated again.
 
-# Offense count: 8
-# Configuration parameters: AllowURI.
-Metrics/LineLength:
-  Max: 154
-
 # Offense count: 2
-Style/Documentation:
-  Enabled: false
-
-# Offense count: 7
-# Configuration parameters: EnforcedStyle, SupportedStyles.
-Style/Encoding:
-  Enabled: false
+# Configuration parameters: CountComments, CountAsOne, ExcludedMethods.
+# ExcludedMethods: refine
+Metrics/BlockLength:
+  Max: 67
 
 # Offense count: 1
-# Configuration parameters: Exclude.
-Style/FileName:
-  Enabled: false
+# Configuration parameters: ExpectMatchingDefinition, CheckDefinitionPathHierarchy, Regex, IgnoreExecutableScripts, AllowedAcronyms.
+# AllowedAcronyms: CLI, DSL, ACL, API, ASCII, CPU, CSS, DNS, EOF, GUID, HTML, HTTP, HTTPS, ID, IP, JSON, LHS, QPS, RAM, RHS, RPC, SLA, SMTP, SQL, SSH, TCP, TLS, TTL, UDP, UI, UID, UUID, URI, URL, UTF8, VM, XML, XMPP, XSRF, XSS
+Naming/FileName:
+  Exclude:
+    - 'lib/omniauth-artsy.rb'
+
+# Offense count: 3
+Style/Documentation:
+  Exclude:
+    - 'spec/**/*'
+    - 'test/**/*'
+    - 'lib/omniauth-artsy/config.rb'
+    - 'lib/omniauth/strategies/artsy.rb'
+
+# Offense count: 3
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, AllowHeredoc, AllowURI, URISchemes, IgnoreCopDirectives, IgnoredPatterns.
+# URISchemes: http, https
+Layout/LineLength:
+  Max: 154

data/.travis.yml

@@ -3,15 +3,18 @@ language: ruby
 cache: bundler
 
 rvm:
-  - 2.1.2
-  - 2.0.0
-  - 1.9.3
-  - rbx-2.2.10
-  - jruby-19mode
+  - 2.6.0
+  - 2.5.3
+  - 2.4.4
+  - jruby-9.2.5.0
   - ruby-head
   - jruby-head
 
 matrix:
   allow_failures:
     - rvm: ruby-head
+    - rvm: jruby-9.2.5.0
     - rvm: jruby-head
+
+before_install:
+  - gem update bundler

data/CHANGELOG.md

@@ -1,3 +1,28 @@
+0.2.3 (Next)
+===========
+
+* Your contribution here.
+
+0.2.3
+============
+
+* [#9](https://github.com/artsy/omniauth-artsy/pull/9): Upgrade `omniauth-oauth2` - [@ashkan18](https://github.com/ashkan18).
+
+0.2.2
+============
+
+* [#7](https://github.com/artsy/omniauth-artsy/pull/7): Fix issue in configuring Artsy's strategy when using new config - [@ashkan18](https://github.com/ashkan18).
+
+0.2.1
+============
+
+* [#6](https://github.com/artsy/omniauth-artsy/pull/6): Add config so we can configure/initialize `OmniAuth::Artsy` - [@ashkan18](https://github.com/ashkan18).
+
+0.2.0 (5/4/2016)
+================
+
+* [#5](https://github.com/artsy/omniauth-artsy/pull/5): Obtain user details from APIv2 upon login - [@dblock](https://github.com/dblock).
+
 0.1.1 (5/4/2016)
 ================
 

data/Gemfile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 source 'https://rubygems.org'
 
 gemspec

data/README.md

@@ -28,7 +28,17 @@ end
 
 #### Configuration
 
-Set `ENV['ARTSY_API_URL']` to the location of the Artsy API, typically *https://api.artsy.net* in production. Defaults to *http://localhost:3000*.
+##### Configure in your app
+Add `omniauth_artsy.rb` to your `config/initializers` and set `artsy_api_url`.
+```ruby
+# config/initializers/omniauth_artsy.rb
+OmniAuth::Artsy.configure do |config|
+  config.artsy_api_url = ENV['ARTSY_API_URL']
+end
+```
+
+##### Using ENV
+Set `ENV['ARTSY_API_URL']` to the location of the Artsy API, typically *https://api.artsy.net* in production.
 
 ### License
 

data/Rakefile

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'bundler'
 Bundler::GemHelper.install_tasks
 
@@ -9,4 +11,4 @@ end
 require 'rubocop/rake_task'
 RuboCop::RakeTask.new(:rubocop)
 
-task default: [:rubocop, :spec]
+task default: %i[rubocop spec]

data/lib/omniauth-artsy.rb

@@ -1,2 +1,5 @@
+# frozen_string_literal: true
+
 require 'omniauth-artsy/version'
+require 'omniauth-artsy/config'
 require 'omniauth/strategies/artsy'

data/lib/omniauth-artsy/config.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+module OmniAuth
+  module Artsy
+    module Config
+      extend self
+
+      attr_accessor :artsy_api_url
+
+      def reset
+        self.artsy_api_url = nil
+      end
+
+      reset
+    end
+
+    class << self
+      def configure
+        if block_given?
+          yield(Config)
+          reconfigure_strategy
+        end
+        Config
+      end
+
+      def reconfigure_strategy
+        Strategies::Artsy.configure
+      end
+
+      def config
+        Config
+      end
+    end
+  end
+end

data/lib/omniauth-artsy/version.rb

@@ -1,5 +1,7 @@
+# frozen_string_literal: true
+
 module Omniauth
   module Artsy
-    VERSION = '0.1.1'
+    VERSION = '0.3.0'
   end
 end

data/lib/omniauth/strategies/artsy.rb

@@ -1,17 +1,25 @@
+# frozen_string_literal: true
+
 require 'omniauth-oauth2'
 
 module OmniAuth
   module Strategies
     class Artsy < OmniAuth::Strategies::OAuth2
-      option :client_options,
-             site: ENV['ARTSY_API_URL'] || ENV['gravity_url'] || 'http://localhost:3000',
-             authorize_url: '/oauth2/authorize?scope=offline_access&response_type=code',
-             token_url: '/oauth2/access_token?scope=offline_access&response_type=code&grant_type=authorization_code'
-
-      def request_phase
-        super
+      def self.configure
+        option :client_options,
+               site: OmniAuth::Artsy.config.artsy_api_url || ENV['ARTSY_API_URL'] || ENV['gravity_url'],
+               authorize_url: '/oauth2/authorize?scope=offline_access&response_type=code',
+               token_url: '/oauth2/access_token?scope=offline_access&response_type=code&grant_type=authorization_code'
+        # TODO: Allow GET requests to redirect to /auth/artsy for now, which exposes us
+        # to CSRF attacks. We'll want to change the auth redirect behavior to a POST
+        # request at some point in the future.
+        # https://github.com/omniauth/omniauth/wiki/Resolving-CVE-2015-9284
+        OmniAuth.config.allowed_request_methods = %i[post get] if OmniAuth.config.respond_to?(:allowed_request_methods=)
+        OmniAuth.config.silence_get_warning = true if OmniAuth.config.respond_to?(:silence_get_warning=)
       end
 
+      configure
+
       uid do
         raw_info['id']
       end
@@ -21,7 +29,7 @@ module OmniAuth
       end
 
       def raw_info
-        @raw_info ||= access_token.get('/api/v1/me', headers: { 'X-ACCESS-TOKEN' => access_token.token }).parsed
+        @raw_info ||= access_token.get('/api/current_user', headers: { 'X-ACCESS-TOKEN' => access_token.token }).parsed
       end
     end
   end

data/omniauth-artsy.gemspec

@@ -1,25 +1,32 @@
-# -*- encoding: utf-8 -*-
-$LOAD_PATH.push File.expand_path('../lib', __FILE__)
-require 'omniauth-artsy/version'
-
-Gem::Specification.new do |s|
-  s.name = 'omniauth-artsy'
-  s.version = Omniauth::Artsy::VERSION
-  s.platform = Gem::Platform::RUBY
-  s.authors = ['Dylan Fareed']
-  s.email = ['dylan@artsy.net']
-  s.homepage = 'https://github.com/artsy/omniauth-artsy'
-  s.summary = 'Omniauth plugin for Artsy authentication.  '
-  s.description = 'Omniauth plugin for Artsy authentication.  '
-  s.files = `git ls-files`.split("\n")
-  s.test_files = `git ls-files -- spec/*`.split("\n")
-  s.executables = `git ls-files -- bin/*`.split("\n").map { |f| File.basename(f) }
-  s.require_paths = ['lib']
-  s.license = 'MIT'
-
-  s.add_runtime_dependency 'omniauth-oauth2', '>= 1.0.2'
-  s.add_development_dependency 'rake'
-  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'webmock'
-  s.add_development_dependency 'rubocop', '0.25.0'
+# frozen_string_literal: true
+
+require_relative 'lib/omniauth-artsy/version'
+
+Gem::Specification.new do |spec|
+  spec.name = 'omniauth-artsy'
+  spec.version = Omniauth::Artsy::VERSION
+  spec.authors = ['Artsy']
+  spec.email = ['dev@artsy.net']
+
+  spec.summary = 'Omniauth plugin for Artsy authentication.'
+  spec.description = 'Omniauth plugin for Artsy authentication.'
+  spec.homepage = 'https://github.com/artsy/omniauth-artsy'
+  spec.license = 'MIT'
+  spec.required_ruby_version = Gem::Requirement.new('>= 2.4.0')
+
+  spec.metadata['homepage_uri'] = spec.homepage
+  spec.metadata['source_code_uri'] = spec.homepage
+  spec.metadata['changelog_uri'] = 'https://github.com/artsy/omniauth-artsy/blob/master/CHANGELOG.md'
+
+  spec.files = Dir.chdir(File.expand_path(__dir__)) do
+    `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features)/}) }
+  end
+
+  spec.require_paths = ['lib']
+
+  spec.add_runtime_dependency 'omniauth-oauth2', '>= 1.1.2'
+
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: omniauth-artsy
 version: !ruby/object:Gem::Version
-  version: 0.1.1
+  version: 0.3.0
 platform: ruby
 authors:
-- Dylan Fareed
-autorequire: 
+- Artsy
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-05-04 00:00:00.000000000 Z
+date: 2021-03-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: omniauth-oauth2
@@ -16,14 +16,14 @@ dependencies:
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.2
+        version: 1.1.2
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
       - !ruby/object:Gem::Version
-        version: 1.0.2
+        version: 1.1.2
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -53,7 +53,7 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: webmock
+  name: rubocop
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - ">="
@@ -66,23 +66,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: '0'
-- !ruby/object:Gem::Dependency
-  name: rubocop
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.25.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 0.25.0
-description: 'Omniauth plugin for Artsy authentication.  '
+description: Omniauth plugin for Artsy authentication.
 email:
-- dylan@artsy.net
+- dev@artsy.net
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -98,16 +84,18 @@ files:
 - README.md
 - Rakefile
 - lib/omniauth-artsy.rb
+- lib/omniauth-artsy/config.rb
 - lib/omniauth-artsy/version.rb
 - lib/omniauth/strategies/artsy.rb
 - omniauth-artsy.gemspec
-- spec/omniauth/strategies/artsy_spec.rb
-- spec/spec_helper.rb
 homepage: https://github.com/artsy/omniauth-artsy
 licenses:
 - MIT
-metadata: {}
-post_install_message: 
+metadata:
+  homepage_uri: https://github.com/artsy/omniauth-artsy
+  source_code_uri: https://github.com/artsy/omniauth-artsy
+  changelog_uri: https://github.com/artsy/omniauth-artsy/blob/master/CHANGELOG.md
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -115,18 +103,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 2.4.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.4.8
-signing_key: 
+rubygems_version: 3.0.9
+signing_key:
 specification_version: 4
 summary: Omniauth plugin for Artsy authentication.
-test_files:
-- spec/omniauth/strategies/artsy_spec.rb
-- spec/spec_helper.rb
+test_files: []

data/spec/omniauth/strategies/artsy_spec.rb

@@ -1,81 +0,0 @@
-require 'spec_helper'
-
-describe OmniAuth::Strategies::Artsy do
-  before :each do
-    @request = double('Request')
-    allow(@request).to receive(:params) { {} }
-
-    @client_id = '912831askljfd2'
-    @client_secret = 'dfallksdfoads'
-    @domain = 'artsy.net'
-    @uid = 'asdfasdfadsfcdad'
-    @name = 'Bobert Smithson'
-    @email = 'email@spiraljeezey.com'
-
-    @raw_info_hash = { 'id' => @uid, 'name' => @name, 'email' => @email }
-  end
-
-  subject do
-    OmniAuth::Strategies::Artsy.new(nil, @options || {}).tap do |strategy|
-      allow(strategy).to receive(:request) { @request }
-    end
-  end
-
-  describe '#client_options' do
-    it 'has correct Artsy API URL' do
-      expect(subject.options.client_options.site).to eq('http://localhost:3000')
-    end
-
-    it 'has correct authorize url' do
-      expect(subject.options.client_options.authorize_url).to eq('/oauth2/authorize?scope=offline_access&response_type=code')
-    end
-
-    it 'has correct token_url url' do
-      expect(subject.options.client_options.token_url).to eq('/oauth2/access_token?scope=offline_access&response_type=code&grant_type=authorization_code')
-    end
-  end
-
-  it 'fetches raw_info' do
-    access_token = instance_double(OAuth2::AccessToken, token: 'secret')
-    allow(subject).to receive(:access_token).and_return(access_token)
-
-    response = instance_double(OAuth2::Response, parsed: @raw_info_hash)
-    expect(access_token).to receive(:get).with('/api/v1/me', headers: { 'X-ACCESS-TOKEN' => 'secret' }).and_return(response)
-
-    expect(subject.raw_info).to eq(@raw_info_hash)
-  end
-
-  describe 'with raw_info' do
-    before :each do
-      allow(subject).to receive(:raw_info) { @raw_info_hash }
-    end
-
-    describe '#uid' do
-      it 'returns the uid from raw_info' do
-        expect(subject.uid).to eq(@uid)
-      end
-    end
-
-    describe '#info' do
-      context 'when data is present in raw info' do
-        it 'returns the name' do
-          expect(subject.info[:raw_info]['name']).to eq(@name)
-        end
-        it 'returns the email' do
-          expect(subject.info[:raw_info]['email']).to eq(@email)
-        end
-      end
-    end
-
-    describe '#info' do
-      context 'when data is present in raw info' do
-        it 'returns the name' do
-          expect(subject.info[:raw_info]['name']).to eq(@name)
-        end
-        it 'returns the email' do
-          expect(subject.info[:raw_info]['email']).to eq(@email)
-        end
-      end
-    end
-  end
-end

data/spec/spec_helper.rb

@@ -1,10 +0,0 @@
-$LOAD_PATH.unshift File.expand_path('..', __FILE__)
-$LOAD_PATH.unshift File.expand_path('../../lib', __FILE__)
-
-require 'omniauth-artsy'
-require 'rspec'
-require 'webmock/rspec'
-
-RSpec.configure do |config|
-  config.raise_errors_for_deprecations!
-end